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IN THE CLAIMS : 

1 . (Currently Amended) A method for s e curing a communication b e twe e n at l e ast 
on e initiator and on e r e spond e r of said oonmiunication comprising: 

€^ computing an authentication code using a first key and a second key within a 
responder, 

fe) transmitting said second key and said authentication code from said responder to 
m said initiator using a first communication channel, 

e) transmitting said first key from said responder to said initiator using a second 
communication channel, 

d) computing a verification code using said first key and said second key within said 
initiator, and 

e) comparing said verification code with said authentication code within said 
initiato r, and 

authenticating said responder as a correct communication partner if said 
comparing checks out, 

wherein said second key is a secret kev and said first communication channel is a 
secure channel. 

2. (Currently Amended) The method of claim 1, wherein [[a]] the first key is 
generated within said responder. 

3. (Currently Amended) The method of claim 1, wherein [[a]] the second key is 
generated within said responder. 

4. (Currently Amended) The method of claim 1 , wherein in the transmitting of said 
second kev and said authentication code, st e p b) said second key and said authentication 
code are transmitted via a confidential and/or or authenticated communication chaimel or 
both. 
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5. (Currently Amended) The method of claim 1, wherein in the transmitting of said 
first key, step c) said first key is transmitted via an open communication channel. 

6. (Currently Amended) The method of claim 1, wherein said second key is 
composed of a first part and a second part and wherein said first part is used for 
computing said authentication code and said second part is used for calculating an 
authentication valu e in a further st e p f) . 

7. (Original) The method of claim 6, wherein said first part is an empty string and 
wherein said authentication code is calculated as an unkeyed hash code. 

8. (Original) The method of claim 1, wherein said authentication code and said 
verification code are computed using an algorithm to compute a short message 
authentication code. 

9. (Currently Amended) The method of claim 1 , wherein if the comparison of 
authentication code and verification code in st e p e ) yields a difference, said 
initiator requests said responder to retransmit said first key. 

10. (Currently Amended) The method of claim 1 , wh e rein in a fiirth e r st e p 

I) fiirther comprising calculating an authentication value is calculat e d within said 
initiator using said second key. 

11. (Original) The method of claim 10, wherein said authentication code is calculated 
using a pseudo random fimction. 

12. (Currently Amended) The method of claim 10, fiirther comprising using wher e in 
said authentication value is us e d in a step g) for authenticating messages 
transmitted fi-om said initiator to said responder, or vice versa. 
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13. (Currently Amended) The method of claim 12, wherein the st e ps a) — b) 
computing of an authentication code and the transmitting of said second key and said 
authentication code are pre-authentication messages^ and wherein the transmitting of said 
first key st e p c) and g) and the using of said authentication value are internet key 
exchange protocol messages. 

1 4. (Currently Amended) A method for s e curing a communication b e tw e en at least 
on e initiator and on e r e spond e r of said communication using legacy authentication 
comprising: 

a) computing an authentication code using a raw public key and a second key within 
said a responder, 

b) transmitting said second key and said authentication code from said responder to 
smd an initiator using a first communication channel, 

e) transmitting said raw public key fi'om said responder to said initiator within an 
encrypted certification payload using a second communication channel, 

d) extracting said raw public key firom said encrypted certification payload, 

e) computing a verification code using said raw public key and said second key 
within said initiator, aftd 

f) comparing said verification code with said authentication code within said 
initiato r, and 

authenticating said responder as a correct communication partner if said 
comparing checks out, 

wherein said second key is a secret key and said first conununication channel is a 
secure channel . 

15. (Currently Amended) The method of claim 14, wherein [[a]] the first key is 
generated within said responder. 

16. (Currently Amended) The method of claim 14, wherein [[a]] ttie second key is 
generated within said responder. 
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1 7. (Currently Amended) The method of claim 14, wherein in step b) the transmitting 
of said second key and said authentication code, said second key and said 
authentication code are transmitted via a confidential and/or or authenticated 
communication channel or both . 

1 8. (Currently Amended) The method of claim 14, wherein said second key is 
composed of a first part and a second part and wherein said first part is used for 
computing said authentication code and said second part is used for calculating an 
authentication value in a furth e r st e p g) > 

19. (Original) The method of claim 14, wherein said first part is an empty string and 
wherein said authentication code is calculated as an unkeyed hash code. 

20. (Currently Amended) The method of claim 14, wherein in the transmitting of said 
raw public key, st e p c) said encrypted certification payload comprising said raw 
public key is transmitted via an open communication channel. 

21 . (Original) The method of claim 14, wherein said authentication code and said 
verification code are computed using an algorithm to compute a short message 
authentication code. 

22. (Currently Amended) The method of claim 14, wherein jf the comparison of the 
authentication code and the verification code in st e p f) yields a difference, said 
initiator requests said responder to retransmit said certification payload. 

23. (Original) The method of claim 14, wherein in fiirther steps for communicating 
the second key is used for authenticating the initiator to the responder. 

24. (Currently Amended) The method of claim 14, wherein the computing of an 
authentication code and the transmitting of said second key and said 
authentication code steps a) — b) are pre-authentication messages and wherein step 
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e) the transmitting of said raw public key is an internet key exchange protocol 
with extended authentication protocol (IKEv2 EAP) message. 

25. (Currently Amended) A system for encrypting messages transmitted between an 
initiator and a responder, wherein 

- said responder comprises 

- computing means for computing an authentication code from a first key and a 
second key, 

- first transmission means for transmitting said second key and said 
authentication code from said responder to said initiator using a first 
communication channel, and 

- second transmission means for transmitting said first key from said responder 
to said initiator using a second communication channel, and wherein 

- said initiator comprises 

- first transmission means for receiving said second key and said authentication 
code from said responder via said first commimication channel, 

- second transmission means for receiving said first key from said responder 
via said second communication channel, 

- computing means to compute a verification code from said first key and said 
second key, and 

- comparing means for comparing said verification code with said 
authentication code^ 

- wherein said second kev is a secret kev and said first communication channel is a 
secure channel , 

26. (Original) The system of claim 25, wherein said responder further comprises 
generating means for generating [[a]] the first key and/or a or the second key or both . 

27. (Original) The system of claim 25, wherein said first transmission means of said 
responder and said initiator allow communicating via a confidential and/or or 
authenticated communication channel or both. 
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28. (Original) The system of claim 25, wherein said second transmission means of 
said responder and said initiator allow communicating via an open 
communication channel. 

29. CANCEL. 

30. CANCEL. 

31 . (Original) The system of claim 25, wherein said initiator and said responder 
comprise operating means to be operated according to an internet key exchange protocol. 

32. CANCEL 

33. (Currently Amended) A computer program product A computer readable medium 
with a computer program stored thereon with instructions operable to cause a processor 
to secure a communication between at l e ast on e m initiator and one a responder of said 
communication by: 

€^ computing an authentication code using a first key and a second key within said 
responder, 

b) transmitting said second key and said authentication code fi"om said responder to 

said initiator using a first communication channel, 
e) transmitting said first key from said responder to said initiator using a second 

communication channel, 

d) computing a verification code using said first key and said second key within said 
initiator, and 

e) comparing said verification code with said authentication code within said 
initiator^ 

wherein said second key is a secret key and said first communication channel is a 
secure channel. 
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34. (Currently Amended) A communication device for communicating securely with 
an initiator, said device comprising: 

- computing means for computing an authentication code from a first key and a 
second key, 

- first transmission means for transmitting said second key and said authentication 
code from said responder to said initiator using a first communication channel, 

- second transmission means for transmitting said first key from said responder to 
said initiator using a second communication channel, and 

- deciphering means, deciphering a ciphered message from said initiator, where said 
ciphered message is ciphered with a shared secret key at least partially derived 
from said first key^ 

wherein said second key is a secret key and said first communication channel is a 
secure channel . 

35. (Currently Amended) The communication device of claim 34, comprising 
authorising authorizing means, authorising an authorisation authorization message from 
said initiator, where said authorisation authorization message is authorised authorized 
with a shared secret key at least partially derived from said first key. 

36. (Currently Amended) A communication device for communicating securely with 
a responder, said device comprising: 

first transmission means for receiving a second key and an authentication code 
from a responder via said first communication channel, 

- second transmission means for receiving a first key from said responder via a 
second communication channel, 

- computing means to compute a verification code from said first key and said 
second key, 

- comparing means for comparing said verification code with said authentication 
code, and 
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- ciphering means, ciphering a message to be sent to said responder, where said 
ciphered message is ciphered with a shared secret key at least partially derived 
from said first key^ 

wherein said second key is a secret key and said first communication channel is a 
secure channel . 

37. (Currently Amended) The communication device of claim 36, comprising 
authorising authorizing means, authorising authorizing an authorisation authorization 
message with a shared secret key at least partially derived from said first key. 

38. (Currently Amended) A module for providing secure communication with a 
communication device, said module comprising: 

- computing means for computing an authentication code from said first key and 
said second key, 

- first transmission means for transmitting said second key and said authentication 
code from said responder to said initiator using a first communication channel, 

- second transmission means for transmitting said first key from said responder to 
said initiator using a second communication channel, and 

- deciphering means, deciphering a ciphered message from said initiator, where said 
ciphered message is ciphered with a shared secret key at least partially derived 
from said first key 

wherein said second key is a secret key and said first communication chaimel is a 
secure channel . 

39. (Currently Amended) A module for providing secure communication with a 
communication device, said module comprising: 

first transmission means for receiving a second key and an authentication code 
from a responder via said first communication channel, 

- second transmission means for receiving a first key from said responder via a 
second communication channel, 
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- computing means to compute a verification code from said first key and said 
second key, 

- comparing means for comparing said verification code with said authentication 
code, and 

- ciphering means, ciphering a message to be sent to said responder, where said 
ciphered message is ciphered with a shared secret key at least partially derived 
from said first key^ 

wherein said second key is a secret kev and said first communication channel is a 
secure channel . 

40. (New) The at least one computer readable medium of claim 33, wherein the 
communication is also secured by said initiator requesting said responder to retransmit 
said first key if the comparison of authentication code and verification code yields a 
difference. 

41. (New) The module of claim 39, wherein the module is further configured to 
request that said responder retransmit said first key if the comparing means finds a 
difference between the authentication code and verification code yields a difference. 

42. (New) The module of claim 38, wherein the second communication channel is an 
open communication channel. 

43. (New) A communication device configured to communicate securely with a 
responder, said device comprising: 

first transmission element configured to receive a second key and an 
authentication code from a responder via said first conmiunication channel, 

- second transmission element configured to receive a first key from said responder 
via a second communication channel, 

- computing element configured to compute a verification code from said first key 
and said second key, 

- comparing element configured to compare said verification code with said 
authentication code, and 
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- ciphering element configured to cipher a message to be sent to said responder, 
where said ciphered message is ciphered with a shared secret key at least partially 
derived from said first key^ 

wherein said second key is a secret key and said first communication channel is a 
secure channel. 

44. (New) The communication device of claim 43, comprising an authorizing element 
configured to authorize an authorization message with a shared secret key at least 
partially derived from said first key. 
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